Comments Off on Web Of Trust = Web Of Lies
Posted by mywotlies on June 18, 2011

WOT “Web of Trust” = Web of Lies

I made this blog to tell the truth about WOT (Web of Trust) browser “security” add-on. The reason I have to do it here is because mywot.com will delete from their forums anything negative at all. In fact, what you will read here was posted in the mywot.com forums and deleted within 15 minutes!

Where do I start?

How I found the truth about “Web of Trust”

I discovered the browser add-on quite some time ago when it was added to the Chrome browser extensions but, after looking at it I quickly realized that it offered NO security as it claimed and is nothing more than users’ opinions being presented as some sort of “security” and “trust” for the web. Well, I chose not to use the add-on at that time, obviously, as it gave me no benefit–any browser will warn me of malicious sites before I get to them, WOT/myWOT has no such ability regardless of their marketing.

Well, a long time later I found out that a site of mine had been “spammed” by “Web of Trust” (myWOT) users and rated very poorly. I was very surprised because the site in question is just a free information site. It has no ads, no malware, no adult content, sells nothing, etc. . . Even scanned by McAfee SiteAdvisor and deemed “clean.” You know the type of site, one of those sites we all love to visit because you aren’t inundated with ads and a slow loading site. Just information that you may enjoy. . . or may not. No cookies set, nothing. . . just a very basic web site with information.

As it turned out, at least one WOT (Web of Trust) user decided they disagreed with the views of this information and used their account (and possible multiple accounts) to give the site a poor rating. At which point any other myWOT user that visited the site would be presented with a scary popup warning them that the site is “untrustworthy.”

What do these warnings mean?

from the myWOT (Web of Trust) rating guidelines FAQs:

The criteria for rating websites

User ratings are the foundation of Web of Trust. All WOT reputation ratings are based on ratings from our massive community. Everyone who has installed the add-on is allowed to rate and we encourage you to do so. You do not need to be an IT professional in order to rate websites. All we ask if for you to share your experiences from the websites you already know. Being able to learn from other people’s experiences is the whole reason for the WOT service.

We ask you to rate websites according to your own personal experience and knowledge while keeping in mind the instructions below:

Rate only websites that you know and have visited

You can rate a website only in the components that are valid and leave the other components unrated

If you feel that a WOT rating for a site is incorrect, please provide your own rating

If you use a site that does not have enough evidence for calculating the rating – indicated by the symbol – please give your own rating

In addition to rating, you can leave a comment explaining your rating/experience for other WOT users

You can rate websites in four rating components:

Trustworthiness reflects the overall trustworthiness of a website: Do you consider this site safe to use? Does this site deliver you what it promises? Do you trust the content of the website? A poor rating may indicate Internet scams, identity theft risks, credit card fraud, phishing, viruses, adware or spyware. The site may contain annoying advertisements, excessive pop-ups or content that makes your browser crash. A poor rating may also indicate that the site’s content is not trustworthy.

Vendor Reliability tells you whether the site is safe for buying and selling or for business transactions in general. An “excellent” rating indicates superior customer service, timely delivery of products or services and overall customer satisfaction. A “poor” rating indicates possible fraud or a bad shopping experience.

Privacy tells you whether the site has a privacy policy that protects your personal identity and data. For example, does the social networking service you use give you the means to determine what is public and what remains private? Does the site have opt-in privacy options? A “poor” rating indicates concern that your data may be sold to 3rd parties, be stored indefinitely or be turned over to law enforcement without a warrant, etc.

Notice under “Trustworthiness” that users can deem a site to have “malware, adware, etc. WOT has no such tools to do this.

Why was my site deemed poor in all four categories?

I found out that is was due to content. No, not strange or adult oriented content. Normal content for any person. The person rating however has a political/personal agenda to suppress anything of that nature.

Please realize that I do not want to give clear details because I know full well that the WOT community will retaliate against the site if they can identify it.

Let me just say that the information espoused on the site is widely accepted by the greater majority of the world for a very long time.

Researching the “Web of Trust” WOT addon/extension

After digging up some of the truth as to why my site was “black listed” by “some” WOT users I set out to find out what WOT really was.

Well, I found that it is nothing more than a tool to rate users’ opinions and nothing at all about what the categories profess to be.

So, I posted the following forum thread in the mywot.com forums. Within 15 minutes it was removed. This is not unusual. In fact it is standard practice at mywot.com to delete any comments that are negative and/or truthful about the “Web of Trust” addon and doesn’t show it in the “best of light.”

Here is the post in full:

“After doing a little research into WOT I’ve found that is it very very easy to game WOT.

1. WOT does not require that a user actually have a myWOT account. They can simply install the add-on and rate from that point on.

2. WOT does not seem to use IP address to ensure that someone does NOT use multiple browsers with different WOT add-ons to game the system.

3. Even if #2 were not true, anyone can use a service like TOR to rate sites and they will show with a different IP every time they start TOR.

4. WOT has no fail-safe mechanism that checks a user’s rating against professional security/trust tools.

5. WOT does not have any type of verification for account setup–no email or phone verification.

Because of these five holes (there are more) in WOT it’s very easy for any person to game WOT and promote or discredit a site != “trust.”

A good example would be a person using multiple browsers each with the WOT add-on and having a separate account for each one. This could easily give a person five or more “valid” WOT accounts. And if they are really smart and use portable versions of the browsers they can have an infinite number 😉
Over time this user could build up those accounts to have a rather high ranking for his/her account/ratings. From that point on the person could weight a non-rated site very easily. Since once “consistent” user ratings are given to a site anyone following those ratings that rate differently are seen by WOT as “differing” and therefore seems to not have the same weight given to their ratings = pack mentality promoted by WOT.

This is especially prevalent with sites that see lower volume traffic from WOT users–one WOT user can go about searching out a specific topic and “black list” sites easily with that topic very easily. At which point it is rather difficult to get the sit into the “good” or “excellent” range even though by all outlined criteria by WOT for rating the site fits the “excellent” standard.

This is what seems to have happened to one of my sites a little while ago. “Poor ratings” given to a site that has absolutely nothing malicious on it, no ads, no pop ups, no adult content, sells nothing, etc. . had “consistent” poor ratings therefore, my guess is that a single user most likely gamed WOT rated the site as “poor” because he/she has a differing opinion on the topic of the site–the person left a comment stating such that seems to have been removed by myWOT but showed in Google’s cache = myWOT hiding the truth of ratings = ratings are bogus. Further evidence of this is demonstrated by visiting sites with a similar topic and finding they consistently have less than stellar ratings when in fact the sites fits the “excellent “criteria for rating as outlined by WOT in ALL categories. Futhere evidence came from Google’s cache of the user who gave poor ratings–he/she left a link to a site that supposedly counted the information on my site. However, the site they linked to was rife with invalid and fallacious arguments and did not fit the criteria for “excellent” rating in any category yet had just that in every category for WOT.

This is not something new for WOT. Many reports on the web show that WOT users go after sites with differing opinions–especially political and religious–and any site that does not see high volume WOT traffic can easily be “black listed” or highly promoted by just a few users.

Furthermore, myWOT admin removes anything negative from the forums about myWOT and goes after anyone on the web stating these same facts.

How long will this post be left of the forum?

Yes, I’m aware that the warnings that WOT give show a very very vague calculation of how many people have voted however, this is not all that clear to users that are not fully educated on WOT nor is the warning accurate at all–the ratings generally have nothing to do with the criteria listed in the pop up. They do NOT equate to trust in any what whatsoever. They only equate to user opinions that can often be very very malicious.

The reason why users are able to do this is because of these five gaping holes in WOT that WOT developers are doing nothing about.

At this current time those holes could be greatly decreased if myWOT required that every user have a valid mywot.com account and in order to activate that account they must get an activation code via phone, as phone numbers are much harder to game than email addresses yet WOT doesn’t even bother doing verification via email.

Secondly, professional tools like McAfee SiteAdvisor scan the web constantly as does Google and offer an easy way to see if a site is harmful that WOT could easily utilize to add a fail-safe to flag users’ ratings that say there is malware and the like on a site when in fact there is nothing. This would add an easy check against users to find what users are following the guidelines for rating sites and which users are attempting to game the system and black list sites due to their own agenda. Much of this has already been pointed out in these very forums though is often removed by myWOT.

At this point WOT seems fairly useless and very misleading–advertising itself as a security tool for your browser when in fact it is nothing more than an opinion tool misleading users as to whether or not a site is safe or not based on a few users’ opinions when rating.

WOT users have gamed the system far too much. . . now the ratings are meaningless because it has been gamed because of these obvious holes in the system.

For those that think this isn’t possible and for myWOT admin/devs who think they can just say these things are not true. I have done all of theme here and promoted and “black listed” sites within a couple of days generally without even using any myWOT accounts.“

End or original post.

How long did this post remain in the mywot.com forums? Not even 15 minutes. Not even long enough for Google to cache it however, I did make screenshots because I’ve seen this happen over and over on the mywot.com forums as you can find out for yourself on many posts throughout the web.

Of course mywot.com will claim that it is for other reasons which are blatantly not true whatsoever.

The Proof on WOT

Here’s a screenshot of the actual post on the mywot.com forum

Here’s a screenshot of Google’s search for this topic:

It’s the “Gaming WOT – it’s far too easy!!!” link.

And finally, here’s what happened within a few minutes.

Notice the URL. It’s the correct URL. This is just what mywot.com does. They police everything to maintain a false reputation about their add-on/extension.

Web of Trust Lies

It may sound a little harsh to say they are lying however, if we look at the FAQs that mywot.com has we can quickly see that they are indeed lying about what their add-on actually is. Anyone that is a little tech savvy can prove these same things I am saying here.

In the above FAQ they claim to use other sources. This isn’t true. If it were true then users could not rate a site as have “malware” when anti-virus tools have crawled the site and say it is perfectly clean. They would have some sort of safe-guard and they don’t. No would they be able to rate is as “poor” for vendor reliability when the site does NOT sell anything.

I proved these things myself by gaming sites and ranking them one way or another without even setting up and account. It was very easy to give a site that had not been previously rated by WOT users as “unsafe” or “safe.” Anyone can prove this by using portable browsers and adding the add-on/extension, rating sites, deleting the browser, then doing it all over again, and again, and again, and again. It does in fact work. It just takes time.

And here we have them saying that site rankings can NOT be manipulated.

I’ve done it! It isn’t hard at all. It just takes time. Now image a zealot that really wants to police the web. They will set up multiple accounts using multiple different browsers each set to a different myWOT.com account so they can build up their own personal “authority” on myWOT so they can easily “black list” sites and make it very difficult for anyone to get the site to a valid rating.

And here we have the biggest problem. The fact that myWOT is telling users that a site is “potential danger.” When in fact they have no real way of knowing that whatsoever because they use no scanning tools, only user opinion.

Please note how the above FAQ starts of with “Green indicates that the site is trusted by the community” yet continues on with other colors as if they are not just “community ratings” to give the impression that they in fact actually mean “caution” and “danger.” They mean no such thing. They all mean the same thing–this is what users opinions are of this site and those opinions are based on anything the user deems because WOT has not safeguard policing users that abuse the system.

Conclusions

1. mywot.com is not being forthright by deleting negative posts in the forums.

2. mywot.com know about these holes

3. mywot.com has done nothing to close these holes

4. WOT add-ons and extension offer NO security as they have no such tools built into it.

5. There can be no “trust” in the rating of this “community” as they have shown time and time again they are willing to remove any negativity about their “browser security tool” and are unwilling to fix these glaring holes and know full well that users are gaming the system in order to “black list” sites.

The biggest problem here is that users actually believe they are getting some sort of “security” form these add-ons & extensions and will avoid perfectly safe and good sites because other WOT users have rated the site on nothing other than their opinions and beliefs in order to attempt censoring the web for other users.

Web of Trust? Not eve a little. Censored web? Yep! A tool to “black list” sites? Yep! A tool that is easily spammed? Yep!

Why would they allow this to continue?

If you spend enough time watching the forums you will see that a few users are very honest however, their posts will be removed quickly. . . so you have to watch, and watch, and watch.

What do these long time “honest” users say? That myWOT cares little about any of this and are only concerned with getting the numbers high so they can monetize the tool to companies like Facebook, as they have recently done. Thus cashing in one “community ratings.” Furthermore, they will point out how many WOT users enjoy giving negative ratings to sites just for fun and/or spite. . . and this has been well know for a long time and myWOT has done nothing to stem the abuse.

Web of Trust Lawsuits

Search the web a little and you will quickly find that the “Web of Trust” is getting sued by sites for these ratings. I expect now that they are becoming more prominent and cashing in on these ratings that more sites will start to sue, and they are justified in doing so.

Should you use WOT add-on?

Only if you want to support a tool that can be used to censor the internet and gives you NO actual security whatsoever.

A good modern/current browser will warn you of any malicious web sites before you even go to them. Chrome browser is proving time and time again to be the most secure browser and if you go through major search engines such as Bing & Google they will not rank spammy sites. WOT offers NONE of these securities. Finally for the very paranoid there are tools for scanning the web like McAfee SiteAdvisor. However, I’ve never used any of these things and have never had a problem because I use common sense and don’t click on things that are questionable as well as running my OS in user mode and not admin.

Commenting on this post

I thought about leaving comments open however, mywot.com and WOT users have spammed nearly every site that has posted anything negative about them and I really don’t want to spend my time dealing with them any more. I’ve spent way too much time research what a corrupt little tool this is already.

Anyone that wants to prove these accusations can easily do so. Just get a portable browser and add the WOT extension, rate some sites that have no ratings–this is the fastest way to demonstrate these problems. Delete the browser and do it all over again. It will take you a few times because you are a “new user” with no raking within mywot yourself, but it will work. No go forth and spam the web with WOT (Web of Trust) to push your own lies about sites.

Proof that my wot management is pushing “black listing” of sites?

Take a good look at how WOT’s CMO is advising this “skeptic” to push his/her agenda and “organize” their community to action and use WOT to go after sites, when she should have told them flat out that the purpose of WOT is NOT to push agendas. . . clearly it is.

And we wonder why we can’t trust the “web of trust” WOT? Clearly WOT employees/management do NOT believe in their own rating guidelines and therefore, WOT has no rating guidelines. This is precisely why WOT hasn’t fixed these obvious holes with the system. . . they don’t want to. They want zealots black listing sites just as long as they get more users rating sites so they can monetize WOT to companies.

Web of Trust? Yeah, RIGHT!

The “Mass Rating” abuse is reserved for WOT zealots!

This just gets better and better. WOT has a “mass rating tool” that you (well. . . not you, but the WOT faithful zealots) can use to give the same rating & comment to up to 100 sites AT ONE TIME! If that isn’t spam I don’t know what is. Oh, let us not forget that WOT’s guidelines say you should only rate sites that you “know.”

Now I know why the forums are full of these zealots posting for others to “mass rate” sites as poor even though there is no evidence whatsoever that the sites are “unsafe” in any way whatsoever.

They reserve this tool for the members that are high raters. In other words, if you are a zealot rater for WOT they will let you spam all the sites you want with poor ratings. Have at it! Spam away you zealot WOT users–yes, go after those “spam” sites. . . just now mywot.com 😉

Then they had a nice little lie in this wiki. They claim that sites that are mistakenly rated incorrectly and are false positives “in neither case should these sites Reputation suffer long term effects within WOT from this misuse.” They aren’t saying they will correct the problem are they? They are saying that the sites shouldn’t suffer long term. . . but who’s going to change it? myWOT? NO way they won’t removing ratings, that’s their life blood. So, these sites will suffer.

But if we like you we’ll let you spam rating regardless 😉

Just so they can allow themselves to let a new zealot that proves himself/herself to them spam ratings they leave this little clause in their mass spam tool, “WOT Staff reserves the right to offer the mass rating tool to any member regardless of their current activity level.”

CLASSIC! If you are honestly rating sites and not making us money. . . well, you will have to wait to spam ratings, BUT if you help makes us a little cash we might let you start early 😉 😉

Add this spamming tool to the total BS that users are given more “authority” for their rating Vs others. Why? Just because I’m not rating thousands of sites is my objective observations of what a site is somehow less true than some zealot’s spamming ratings? If they wanted a true web of trust each user’s opinion would count the same however, that wouldn’t get them their zealots to help them cash in.

WOT Spamming The Complaints board

Someone tried to post a “positive review” of WOT on the complaints board. . . most likely just a WOT employing spamming the web as they do with their “advertising.”

At least some people know what the “Web of Trust” is really about–spamming the web and trying to get people to buy trust badges for 30 euros per month.

Pay and we will “trust” you 😉 😉

That’s the scam. WOT offers trust badges. . . WTF?!?!?! Pay them 30 euros a month so you can be a trusted site within the WOT community?!?! YEAH!!!!

Why would I need a badge like that if WOT has “millions of trusted users” as they claim in all their advertising? Shouldn’t the “ratings” be trustworthy, valid, honest, and following strict guidelines. . . you know, like the “skeptics” mentioned early going about spamming all sites they disagree with because, well. . . you know, these are omniscient people that know everything and are never wrong so they can tell the rest of us what is good and bad to read and what sites we should stay away from. WTFE!

It’s always about money in the end! OH, and don’t forget that they want you to give poor ratings to sites that have ads because, well. . . you aren’t supposed to make money on the web but they are, and they can place ads everywhere without being considered untrustworthy?!?!?!?

WTF?!?!?! WHO in their right mind would use this addon?

Take a few moments and search out the negative reviews of the “Web of Trust.” You can find some stuff on the mywot forums but the good stuff usually gets deleted very quickly.

Nevertheless, there’s a lot of other posts out there saying the same thing I am here. The “Web of Trust” is NOT to be trusted and NEEDS TO BE SHUT DOWN!